-
Notifications
You must be signed in to change notification settings - Fork 0
152 lines (121 loc) · 3.98 KB
/
ci.yml
File metadata and controls
152 lines (121 loc) · 3.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
name: CI
on:
pull_request:
push:
branches: [ main ]
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
test:
name: Pester (${{ matrix.os }})
runs-on: ${{ matrix.os }}
permissions:
contents: read
actions: write
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
steps:
- uses: actions/checkout@v6
- name: Run Pester
shell: pwsh
run: pwsh -NoProfile -File ./tools/Invoke-IdlePesterTests.ps1 -CI
- name: Upload Pester artifacts
if: always()
uses: actions/upload-artifact@v6
with:
name: pester-artifacts-${{ matrix.os }}
if-no-files-found: warn
path: |
artifacts/test-results.xml
artifacts/coverage.xml
lint:
name: PSScriptAnalyzer
runs-on: ubuntu-latest
permissions:
contents: read
actions: read
security-events: write
steps:
- uses: actions/checkout@v6
- name: Run PSScriptAnalyzer
shell: pwsh
run: pwsh -NoProfile -File ./tools/Invoke-IdleScriptAnalyzer.ps1 -CI
- name: Upload PSScriptAnalyzer artifacts
if: always()
uses: actions/upload-artifact@v6
with:
name: psscriptanalyzer-artifacts
if-no-files-found: warn
path: |
artifacts/pssa-results.json
artifacts/pssa-results.sarif
- name: Upload SARIF to GitHub Code Scanning
if: always() && github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: artifacts/pssa-results.sarif
docs-cmdlet-reference:
name: Verify cmdlet reference is up to date
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Install platyPS
shell: pwsh
run: |
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'
# Ensure PSGallery does not prompt (non-interactive CI)
if (Get-Command -Name Set-PSRepository -ErrorAction SilentlyContinue) {
try {
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted -ErrorAction Stop
} catch {
# Ignore if not supported in this environment
}
}
# platyPS is pinned for deterministic Markdown output.
# See CONTRIBUTING.md for upgrade procedure.
Install-Module -Name platyPS -RequiredVersion 0.14.2 -Scope CurrentUser -Force -AllowClobber -ErrorAction Stop
- name: Debug platyPS version
shell: pwsh
run: |
Get-Module -ListAvailable platyPS | Sort-Object Version -Descending | Select-Object -First 1 | Format-List Name,Version,Path
- name: Generate cmdlet reference
shell: pwsh
run: |
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'
pwsh -NoProfile -File ./tools/Generate-IdleCmdletReference.ps1
- name: Verify working tree clean
shell: bash
run: |
set -euo pipefail
echo "== git status =="
git status --porcelain || true
echo "== git diff (first 200 lines) =="
git diff | sed -n '1,200p' || true
git diff --exit-code
docs-step-reference:
name: Verify step reference is up to date
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Generate step reference
shell: pwsh
run: |
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'
pwsh -NoProfile -File ./tools/Generate-IdleStepReference.ps1
- name: Verify working tree clean
shell: bash
run: |
set -euo pipefail
echo "== git status =="
git status --porcelain || true
echo "== git diff (first 200 lines) =="
git diff | sed -n '1,200p' || true
git diff --exit-code